English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.704846
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DSA-4846-1)
Summary:The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-4846-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'chromium' package(s) announced via the DSA-4846-1 advisory.

Vulnerability Insight:
Several vulnerabilities have been discovered in the chromium web browser.

CVE-2020-16044

Ned Williamson discovered a use-after-free issue in the WebRTC implementation.

CVE-2021-21117

Rory McNamara discovered a policy enforcement issue in Cryptohome.

CVE-2021-21118

Tyler Nighswander discovered a data validation issue in the v8 javascript library.

CVE-2021-21119

A use-after-free issue was discovered in media handling.

CVE-2021-21120

Nan Wang and Guang Gong discovered a use-after-free issue in the WebSQL implementation.

CVE-2021-21121

Leecraso and Guang Gong discovered a use-after-free issue in the Omnibox.

CVE-2021-21122

Renata Hodovan discovered a use-after-free issue in Blink/WebKit.

CVE-2021-21123

Maciej Pulikowski discovered a data validation issue.

CVE-2021-21124

Chaoyang Ding discovered a use-after-free issue in the speech recognizer.

CVE-2021-21125

Ron Masas discovered a policy enforcement issue.

CVE-2021-21126

David Erceg discovered a policy enforcement issue in extensions.

CVE-2021-21127

Jasminder Pal Singh discovered a policy enforcement issue in extensions.

CVE-2021-21128

Liang Dong discovered a buffer overflow issue in Blink/WebKit.

CVE-2021-21129

Maciej Pulikowski discovered a policy enforcement issue.

CVE-2021-21130

Maciej Pulikowski discovered a policy enforcement issue.

CVE-2021-21131

Maciej Pulikowski discovered a policy enforcement issue.

CVE-2021-21132

David Erceg discovered an implementation error in the developer tools.

CVE-2021-21133

wester0x01 discovered a policy enforcement issue.

CVE-2021-21134

wester0x01 discovered a user interface error.

CVE-2021-21135

ndevtk discovered an implementation error in the Performance API.

CVE-2021-21136

Shiv Sahni, Movnavinothan V, and Imdad Mohammed discovered a policy enforcement error.

CVE-2021-21137

bobbybear discovered an implementation error in the developer tools.

CVE-2021-21138

Weipeng Jiang discovered a use-after-free issue in the developer tools.

CVE-2021-21139

Jun Kokatsu discovered an implementation error in the iframe sandbox.

CVE-2021-21140

David Manouchehri discovered uninitialized memory in the USB implementation.

CVE-2021-21141

Maciej Pulikowski discovered a policy enforcement error.

CVE-2021-21142

Khalil Zhani discovered a use-after-free issue.

CVE-2021-21143

Allen Parker and Alex Morgan discovered a buffer overflow issue in extensions.

CVE-2021-21144

Leecraso and Guang Gong discovered a buffer overflow issue.

CVE-2021-21145

A use-after-free issue was discovered.

CVE-2021-21146

Alison Huffman and Choongwoo Han discovered a use-after-free issue.

CVE-2021-21147

Roman Starkov discovered an implementation error in the skia library.

For the stable distribution (buster), these problems have been fixed in version 88.0.4324.146-1~
deb10u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to its security tracker page at: [link moved to references]

Affected Software/OS:
'chromium' package(s) on Debian 10.

Solution:
Please install the updated package(s).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-16044
https://chromereleases.googleblog.com/2021/01/stable-channel-update-for-desktop_19.html
https://crbug.com/1163228
Common Vulnerability Exposure (CVE) ID: CVE-2021-21117
https://crbug.com/1137179
Common Vulnerability Exposure (CVE) ID: CVE-2021-21118
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21118
https://crbug.com/1161357
Common Vulnerability Exposure (CVE) ID: CVE-2021-21119
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21119
https://crbug.com/1160534
Common Vulnerability Exposure (CVE) ID: CVE-2021-21120
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21120
https://crbug.com/1160602
Common Vulnerability Exposure (CVE) ID: CVE-2021-21121
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21121
https://crbug.com/1161143
Common Vulnerability Exposure (CVE) ID: CVE-2021-21122
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21122
https://crbug.com/1162131
Common Vulnerability Exposure (CVE) ID: CVE-2021-21123
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21123
https://crbug.com/1137247
Common Vulnerability Exposure (CVE) ID: CVE-2021-21124
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21124
https://crbug.com/1131346
Common Vulnerability Exposure (CVE) ID: CVE-2021-21125
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21125
https://crbug.com/1152327
Common Vulnerability Exposure (CVE) ID: CVE-2021-21126
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21126
https://crbug.com/1108126
Common Vulnerability Exposure (CVE) ID: CVE-2021-21127
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21127
https://crbug.com/1115590
Common Vulnerability Exposure (CVE) ID: CVE-2021-21128
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21128
https://crbug.com/1138877
Common Vulnerability Exposure (CVE) ID: CVE-2021-21129
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21129
https://crbug.com/1140403
Common Vulnerability Exposure (CVE) ID: CVE-2021-21130
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21130
https://crbug.com/1140410
Common Vulnerability Exposure (CVE) ID: CVE-2021-21131
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21131
https://crbug.com/1140417
Common Vulnerability Exposure (CVE) ID: CVE-2021-21132
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21132
https://crbug.com/1128206
Common Vulnerability Exposure (CVE) ID: CVE-2021-21133
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21133
https://crbug.com/1157743
Common Vulnerability Exposure (CVE) ID: CVE-2021-21134
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21134
https://crbug.com/1157800
Common Vulnerability Exposure (CVE) ID: CVE-2021-21135
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21135
https://crbug.com/1157818
Common Vulnerability Exposure (CVE) ID: CVE-2021-21136
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21136
https://crbug.com/1038002
Common Vulnerability Exposure (CVE) ID: CVE-2021-21137
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21137
https://crbug.com/1093791
Common Vulnerability Exposure (CVE) ID: CVE-2021-21138
https://crbug.com/1122487
Common Vulnerability Exposure (CVE) ID: CVE-2021-21139
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21139
https://crbug.com/937131
Common Vulnerability Exposure (CVE) ID: CVE-2021-21140
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21140
https://crbug.com/1136327
Common Vulnerability Exposure (CVE) ID: CVE-2021-21141
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-21141
https://crbug.com/1140435
Common Vulnerability Exposure (CVE) ID: CVE-2021-21142
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUQSMNV7INLDDSD3RKI5S5EAULX2QC7P/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ACWYJ74Z3YN2XH4QMUEGNBC3VXX464L/
https://security.gentoo.org/glsa/202104-08
https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop.html
https://crbug.com/1169317
Common Vulnerability Exposure (CVE) ID: CVE-2021-21143
https://crbug.com/1163504
Common Vulnerability Exposure (CVE) ID: CVE-2021-21144
https://crbug.com/1163845
Common Vulnerability Exposure (CVE) ID: CVE-2021-21145
https://crbug.com/1154965
Common Vulnerability Exposure (CVE) ID: CVE-2021-21146
https://crbug.com/1161705
Common Vulnerability Exposure (CVE) ID: CVE-2021-21147
https://crbug.com/1162942
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.